BSD’s are definitely known for being more secure than Linux. Now, if you want ultimate security, then check out OpenBSD (vice FreeBSD). In over 10 years, they’ve only had two remote exploit flaws. I double-dog dare you to find another operating system with that kind of security track record:
Additionally, the OpenBSD team is responsible for several security technologies used by other BSD’s, Linux, and even Mac OSX such as OpenSSH and Open SSL. Also consider that the Twofish encryption algorithm (invented by the OpenBSD team) was almost chosen as the AES standard. The reason the US DoD went with Rijndael instead was simply a matter of the open source license that had been applied to Twofish not being compatible with what the DoD wanted the rights to do with AES.
Ubuntu is a great desktop, but it’s not a server OS.
Linux is pretty good, (better than windows..) but for web servers, FreeBSD does a better job, there’s a reason Apache is developed on freebsd (that said, linux is better at other things, such as exploring newer technologies)
If your web applications were java based, I might be inclined to say linux, but freebsd does a great job of running php5.
FreeBSD seems to handle server load better than Linux.
FreeBSD also has a mature implementation of “jails” while linux has had a checkered history in this area.. I once relied on “vserver” only to have it abandoned, I’d be a little gun-shy about trusting linux containers until they’ve been in use a couple years.
Jails can vastly improve security by the way they isolate parts of the system. Running apache in a jail will prevent it from having access to the outer machine.
You probably don’t want an encrypted filesystem for performance reasons.
OpenBSD is very secure, I use it as a firewall, but it lacks jail support.